GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23,461 advisories
The iaware module has a vulnerability in thread security. Successful exploitation of this...
Critical | Unreviewed | CVE-2022-44551 was published Nov 10, 2022

The AMS module has a vulnerability of serialization/deserialization mismatch. Successful...
Critical | Unreviewed | CVE-2022-44558 was published Nov 10, 2022

Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection...
Critical | Unreviewed | CVE-2022-43058 was published Nov 10, 2022

The AMS module has a vulnerability of serialization/deserialization mismatch. Successful...
Critical | Unreviewed | CVE-2022-44559 was published Nov 10, 2022

VMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. A...
Critical | Unreviewed | CVE-2022-31687 was published Nov 10, 2022

The DRM module has a vulnerability in verifying the secure memory attributes. Successful...
Critical | Unreviewed | CVE-2021-46851 was published Nov 10, 2022

Improper access control in Samsung Pass prior to version 4.0.05.1 allows attackers to...
Critical | Unreviewed | CVE-2022-39892 was published Nov 10, 2022

Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR...
Critical | Unreviewed | CVE-2022-39881 was published Nov 10, 2022

Lack of sand-boxing of OpenAPI documents in GitLab CE/EE affecting all versions from 12.6 prior...
Critical | Unreviewed | CVE-2022-3726 was published Nov 10, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability. This CVE ID is unique from CVE...
Critical | Unreviewed | CVE-2022-41080 was published Nov 10, 2022

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a...
Critical | Unreviewed | CVE-2021-34566 was published Nov 9, 2022

In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet...
Critical | Unreviewed | CVE-2021-34569 was published Nov 9, 2022

The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and...
Critical | Unreviewed | CVE-2022-25932 was published Nov 9, 2022

CSV Injection vulnerability in Activity Log Team Activity Log <= 2.8.3 on WordPress.
Critical | Unreviewed | CVE-2022-27858 was published Nov 9, 2022

Uncontrolled Search Path Element in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5...
Critical | Unreviewed | CVE-2022-34825 was published Nov 9, 2022

Symantec Endpoint Detection and Response (SEDR) Appliance, prior to 4.7.0, may be susceptible to...
Critical | Unreviewed | CVE-2022-37015 was published Nov 9, 2022

Weak File and Folder Permissions vulnerability in CLUSTERPRO X 5.0 for Windows and earlier,...
Critical | Unreviewed | CVE-2022-34824 was published Nov 9, 2022

Buffer overflow vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0...
Critical | Unreviewed | CVE-2022-34823 was published Nov 9, 2022

Path traversal vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0...
Critical | Unreviewed | CVE-2022-34822 was published Nov 9, 2022

Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic...
Critical | Unreviewed | CVE-2022-33321 was published Nov 9, 2022

Unauthorized access to Gateway user capabilities
Critical | Unreviewed | CVE-2022-27510 was published Nov 9, 2022

User login brute force protection functionality bypass
Critical | Unreviewed | CVE-2022-27516 was published Nov 9, 2022

Roxy Fileman 1.4.6 allows Remote Code Execution via a .phar upload, because the default...
Critical | Unreviewed | CVE-2022-40797 was published Nov 9, 2022

In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection...
Critical | Unreviewed | CVE-2022-45062 was published Nov 9, 2022
ProTip! Advisories are also available from the GraphQL API.